Re: [TLS] Fwd: draft-badra-tls-password-ext and challenge/response schemes
Badra <mbadra@gmail.com> Wed, 30 July 2008 00:05 UTC
Date: Wed, 30 Jul 2008 01:59:53 +0200
From: Badra <mbadra@gmail.com>
To: Nathaniel W Filardo <nwf@cs.jhu.edu>
Cc: tls@ietf.org
Subject: Re: [TLS] Fwd: draft-badra-tls-password-ext and challenge/response schemes

Hello,

Sorry, I didn't have this mail in my inbox. However, if you want the server to send a non-empty extension, you need to allocate a code for each password-based authentication (OTP, Token, etc.), which isn't the case in the document, to allow the client to select the appropriate one.

In addition, S/Key will require an extra message to be exchanged, won't it?

Regards,
Badra

2008/7/29 Nathaniel W Filardo <nwf@cs.jhu.edu>

> I originally sent this to the I-D author but have not received a response in
> the interim. Reflecting further, I thought that perhaps the list would know
> the answer, thus this email. :)
> Thanks,
> --nwf;
>
> ----- Forwarded message from Nathaniel W Filardo <nwf@masters13.cs.jhu.edu> -----
>
> Date: Sat, 26 Jul 2008 06:12:41 -0400
> From: Nathaniel W Filardo <nwf@masters13.cs.jhu.edu>
> To: badra@isima.fr
> Subject: draft-badra-tls-password-ext and challenge/response schemes
> User-Agent: Mutt/1.5.17 (2007-11-01)
>
> Salutations.
>
> I was thinking about how to secure TLS with S/Key and wasn't able to find an
> immediate solution (though if you know of one, it could render my question
> moot). I happened across your Internet Draft and, after reading through it,
> I wondered if changing
>
> > Servers that receive an extended hello containing a "password"
> > extension MAY agree to authenticate the client using passwords by
> > including an extension of type "password", with empty
> > "extension_data", in the extended server hello.
>
> to allow servers to specify some kind of textual data in the
> "extension_data" field would be sufficient? The server could then provide,
> e.g., the S/Key challenge to the client this way.
>
> Is this a silly thought?
> Thanks much for your time.
> --nwf;
>
> ----- End forwarded message -----
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls

--
Badra
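
The two server-hello forms discussed in this thread, as an added example that is not part of either message or of the draft: the generic TLS extension encoding (2-byte type, 2-byte length, opaque data) with a strict client-side check that accepts the draft's empty "extension_data" and rejects a challenge-carrying one unless explicitly allowed. The code point `0xFF01`, the `allow_challenge` switch and the sample challenge text are assumptions made for this example.

```python
import struct

EXT_PASSWORD = 0xFF01                     # placeholder: the page gives no code point
SAMPLE_CHALLENGE = b"otp-md5 499 ke1234"  # constructed sample challenge text

def encode_extension_block(exts) -> bytes:
    """uint16 total length, then per extension: uint16 type, uint16 len, data."""
    body = b""
    for ext_type, data in exts:
        if len(data) > 0xFFFF:
            raise ValueError("extension_data too long")
        body += struct.pack("!HH", ext_type, len(data)) + data
    return struct.pack("!H", len(body)) + body

def parse_extension_block(buf: bytes) -> dict:
    """Strict parse: rejects truncation, trailing bytes and duplicate types."""
    if len(buf) < 2:
        raise ValueError("truncated extension block")
    (total,) = struct.unpack_from("!H", buf, 0)
    if total != len(buf) - 2:
        raise ValueError("block length does not match buffer")
    found, off = {}, 2
    while off < len(buf):
        if len(buf) - off < 4:
            raise ValueError("truncated extension header")
        ext_type, length = struct.unpack_from("!HH", buf, off)
        off += 4
        if length > len(buf) - off:
            raise ValueError("extension_data overruns block")
        if ext_type in found:
            raise ValueError("duplicate extension type")
        found[ext_type] = buf[off:off + length]
        off += length
    return found

def server_password_reply(buf: bytes, allow_challenge: bool = False):
    """None: server did not agree to password auth.
    b"": the draft's form (empty extension_data).
    bytes: challenge text, accepted only under the proposed change."""
    exts = parse_extension_block(buf)
    if EXT_PASSWORD not in exts:
        return None
    data = exts[EXT_PASSWORD]
    if data and not allow_challenge:
        raise ValueError("server hello 'password' extension must be empty")
    return data

if __name__ == "__main__":
    print(encode_extension_block([(EXT_PASSWORD, b"")]).hex())
    print(encode_extension_block([(EXT_PASSWORD, SAMPLE_CHALLENGE)]).hex())
```
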